CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

CVE-2026-12066

CVE-2026-12066 affects PbootCMS up to version 3.2.12. The vulnerability resides in the function retrieve of file apps/home/controller/MemberController.php (Password Handler). Manipulating the arguments username/password/email/checkcode enables weak password recovery; the issue is exploitable remo...

CVE-2020-23580

Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board...

PbootCMS 安全漏洞

PbootCMS is a PbootCMS open source enterprise website content management system CMS developed using PHP language. A security vulnerability exists in PbootCMS 3.2.12 and earlier versions, which originates from an unknown function misoperation in the SQLite database component in file...

EUVD-2018-11284

Malware in sbrugna...

EUVD-2018-2210

Malware in sbrugna...

EUVD-2018-2211

Malware in sbrugna...

EUVD-2024-51113

Malicious code in bioql PyPI...

EUVD-2024-51109

Malicious code in bioql PyPI...

EUVD-2025-11844

Malicious code in bioql PyPI...

CVE-2025-46109

SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain sensitive information via a crafted GET request...

CVE-2025-46109

SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain sensitive information via a crafted GET request...

CVE-2025-46109

SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain sensitive information via a crafted GET request...

CVE-2020-22535

Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php...

CVE-2020-21003

Pbootcms v2.0.3 is vulnerable to Cross Site Scripting XSS via admin.php...

CVE-2025-3787

A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-3787

A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-3787

CVE-2025-3787 affects PbootCMS 3.2.5, specifically the Image Handler component. The weakness allows server-side request forgery via manipulation of the Image Handler, with remote exploitability and public disclosure noted across multiple sources. Reports describe an unknown function as the entry ...

CVE-2025-3787 PbootCMS Image server-side request forgery

A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

PT-2025-17291 · Pbootcms · Pbootcms

Name of the Vulnerable Software and Affected Versions: PbootCMS version 3.2.5 Description: A vulnerability was found in the Image Handler component, which can lead to server-side request forgery. The manipulation can be launched remotely. Recommendations: For PbootCMS version 3.2.5, consider...